Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

istmoplugins — Vulnerabilities & Security Advisories 4

Browse all 4 CVE security advisories affecting istmoplugins. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Istmoplugins develops WordPress plugins for workflow automation and task management, commonly used by businesses to streamline operations. Historically, the plugins have been vulnerable to multiple security issues including remote code execution, cross-site scripting, and privilege escalation vulnerabilities. These weaknesses often stem from insufficient input validation and improper access controls. The four recorded CVEs highlight recurring patterns in insecure coding practices, with some vulnerabilities allowing attackers to execute arbitrary code or compromise administrative accounts. No major public security incidents have been documented, but the consistent presence of critical vulnerabilities in their products indicates a need for improved security development practices.

Top products by istmoplugins: Instant Chat Floating Button for WordPress Websites Users Control GetBookingsWP – Appointments Booking Calendar Plugin For WordPress GetBookingsWP
CVE IDTitleCVSSSeverityPublished
CVE-2025-31896 WordPress GetBookingsWP Plugin <= 1.1.27 - Broken Access Control vulnerability — GetBookingsWPCWE-862 6.5 Medium2025-04-03
CVE-2024-13677 GetBookingsWp - Appointments & Bookings Plugin Basic Version <= 1.1.27 - Authenticated (Subscriber+) Privilege Escalation via Account Takeover — GetBookingsWP – Appointments Booking Calendar Plugin For WordPressCWE-862 8.8 High2025-02-18
CVE-2024-44018 WordPress Instant Chat WP plugin <= 1.0.5 - Local File Inclusion vulnerability — Instant Chat Floating Button for WordPress WebsitesCWE-22 7.5 High2024-10-05
CVE-2024-44015 WordPress Users Control plugin <= 1.0.16 - Local File Inclusion vulnerability — Users ControlCWE-22 7.5 High2024-10-05

This page lists every published CVE security advisory associated with istmoplugins. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.